Apple programmer’s security blunder exposes OS X Lion login passwords in clear text

“An Apple programmer, apparently by accident, left a debug flag in the most recent version of the Mac OS X operating system,” Emil Protalinski reports for ZDNet. “In specific configurations, applying OS X Lion update 10.7.3 turns on a system-wide debug log file that contains the login passwords of every user who has logged in since the update was applied. The passwords are stored in clear text.”

Protalinski reports, “Anyone who used FileVault encryption on their Mac prior to Lion, upgraded to Lion, but kept the folders encrypted using the legacy version of FileVault is vulnerable. FileVault 2 (whole disk encryption) is unaffected.”

“This flaw further shows Apple has a quality assurance problem. When it comes to encryption, it’s important to choose a secure algorithm, but implementation is even more important. A simple bug in how the keys are secured, managed, or accessed can lead to a massive unraveling, as we’ve seen here,” Protalinski reports. “Apple needs to fix this issue as soon as possible. Even when a patch is made available, it will be impossible for the company to ensure the log file has been deleted, especially given all the places it may have been backed up. This means your password could still be out there even after you update, so after you do, make sure to change it.”

Much more in the full article here.

MacDailyNews Take: WWSD?

[Thanks to MacDailyNews Reader “SteveF” for the heads up.]

36 Comments

  1. I have posted here for years that Apple has been shipping Beta software – this is but another example. While I understand the company has expanded at a phenomenal rate and run very lean- this kind of shit is unacceptable.
    Apple needs to pull some resources back to OS X from iOS and the ruination of OS X by making it more iOS like and patch up some security holes. This is not the only one.

    1. BS. I take it your standard of not-Beta software is absolute perfection, which does not exist. Human beings are not perfect, no matter who they work for or which platform they are on. Not until software is written by machines themselves will it approach anything close to perfect.

      Unlike “Mr. unless it’s perfect it’s useless”, I am very happy with Apple’s software engineers. So what if an engineer made a mistake on the last release? Until widespread damage is proven to have taken place, your hysterical reaction is off base.

      1. Apple’s fanatical obsession with secrecy limits the auditing and testing prior to launch. Combine that with the fact that Apple is now obsessed with iOS, the Mac is being treated like a red headed stepchild.

        1. I have to agree. I love iOS, I like Lion in general, but all who do not see that the quality of the OS is not yet again a step up from its predecessor should look again. Let’s hope Mountain Lion will be for Lion what SL was for Leopard, but just like then is OS (as in OSX) stability and not in like more features that turn it into an iPad with a keyboard!

          Microsoft is going the wrong way in that it wants W8 to be a JOAT, Apple chose to do two OS’s, let’s hope they will follow through on that promise!

          The programmer’s error is an error that can happen to the best, maybe it illustrates what pap is saying, but it seems an honest mistake….

    1. Really, that is what you think is appropriate? Pretty simple mistake to make. Your professional life is perfect in every way? No mistakes ever?

      How about his boss or direct supervisor, fire them too? How about the quality assurance team? Gone?

      I hope you are not in a leadership position somewhere. This is a process improvement moment, a teachable moment, a reprimand moment, but a firing moment, for the programmer at the bottom? I don’t think so..

  2. At first glance, this seemed like an “Oh-My-God!” kind of disaster. But reading the article, this apparently only affects people who use an old version of File Vault that isn’t even supported by the new OS.

    And since most average users don’t use File Vault (or probably know what it is), this is a non-issue about a non-issue.

    And THIS is what’s got all the anti-Apple boys at ZDNet up in arms? Oh, please…

    1. yeah I started reading the article thinking Apple is going to have a media headache..

      Then I saw the small number of people that would be affected.

      Still an Apple problem, but not as widespread as the headline suggests.

  3. Given its recent record of product problems, Apple appears to have a “quality control” problem in general. Does Apple actually real-world test products from design to production before release? We love you Apple, but please give us design and function, not design at the expense of function!

    1. This kind of thing could have easily happened even while Steve Jobs was around. Steve didn’t go through lines of code checking for stuff like this. This is a small problem that affects a very very small number of people (those still using the old version of FileVault). What will happen now is the same thing that would have happened when Steve was around, it will get fixed and possibly someone will get fired.

      1. Note however that a person still needs administrative or root access to be able to view the file. That would apply to Time Machine backups as well, so very few people would be able to see the passwords.

        Still a significant “oops” which simply cannot occur when dealing with encryption and security. What if something had been left in which rendered it impossible to open any files secured by FileVault after encrypted? Or if Time Machine backups scrambled the password such that you could never restore anything?

        Apple does need to tighten up its QC on software. There have been significant bugs in OS X, but also in apps like iTunes, iPhoto, etc. which have been significant. The kinds of bugs which longtime Mac users aren’t used to seeing and which we shouldn’t see.

        1. I guess you’ve forgotten all the years that preceded Mac OS X (let’s say 10.6.8, shall we? 🙂) Mac OS 9 wasn’t anyone’s shining example of a bug-free OS!!! When was the last time Lion kernel panicked on you? (Now I do totally agree that users shouldn’t see bugs — but don’t you react with surprise when one of the apps you mentioned crashes? Everything *old* seems to be getting more and more stable as the bedrock gets more stable).

  4. This would only apply to extremely advanced users… 99% of users probably aren’t even aware of FileVault… Trolling for news…

    And yes… It would have equated to “former apple developers blunder”..

    1. Also most of those advanced users also wouldn’t be affected as they would have updated to the newest version of FileVault as advanced users tend to do.

  5. All you blowing gaskets think about two classes of people in this workforce: The programmer who made the mistake and the programmer who would replace said programmer. Who do you think is LESS likely to ever make such a mistake again? If you keep replacing *seasoned* workers with unseasoned ones, accidents like this keep happening. As the billboard says: “Experience is gained by making mistakes; mistakes occur because of lack of experience.”

  6. it may only be 1%, but what if that 1% are all Fortune 500 companies, with very sensitive data to protect. That is a big deal, to them and their potential enemies.
    It goes without saying that Filevault users will have sensitive data to protect and would be very pissed if this error allowed in a hacker from the competition.

  7. Apple’s QA is truly an afterthought. The company does fair QA on its apps (Final Cut Studio, Logic, iWork, FileMaker, etc.) and even its OS apps (Mail, Safari, Calculator, etc.) but ZERO on its frameworks. So anything that lies in the OS beneath the user-facing stuff is simply shipped 100% untested.

    Revealing user passwords in clear text in the system log, while definitely an egregious security problem, is less one engineer’s failure than an indictment of Apple’s overall attitude to quality.

    1. “So anything that lies in the OS beneath the user-facing stuff is simply shipped 100% untested.”

      Nope.

      OS X and iOS wouldn’t even function in that case. And are you seriously attempting to make people believe Apple just releases their operating systems without checking to see if they, you know, operate? Try again. Or better yet, don’t.

  8. Apple’s QA is truly an afterthought. The company does fair QA on its apps (Final Cut Studio, Logic, iWork, FileMaker, etc.) and even its OS apps (Mail, Safari, Calculator, etc.) but ZERO on its frameworks. So anything that lies in the OS beneath the user-facing stuff is simply shipped 100% untested.

    Revealing user passwords in clear text in the system log, while definitely an egregious security problem, is less one engineer’s failure than an indictment of Apple’s overall attitude to quality.

    And before you fanboys complain that my geek cred isn’t up to snuff, I started programming on an Apple //+, learned to program the Mac on a Lisa, and have been a Mac software engineer for the past 28 years. Trust me. It’s a problem.

    1. I won’t trust you, thank you very much. I worked there for over two decades, knew many QA folks, filed tons of bugs and saw the results. I’ve participated in bug review boards and all manner of QA-related efforts. Your statement completely ignores the impact of good design and feels more like allegations made by someone with an axe to grind. Is Apple engineering perfect? No way. Shipped 100% untested? Totally BS.

  9. PEOPLE,

    It’s a debug statement accidentally left in and would have been hard to detect unless a very complex regression test was performed. This sort of stuff happens all the time (not only to Apple, but everybody). Okay, maybe some validation checks should have been performed before compilation looking for debugging and other temporary code changes, but this happens and people are making a mountain out of a mole hill here. Someone has to get access to your computer to get to that info and if they got that far; you’ve got BIGGER things to worry about than some log files that may or may not have your password in clear text!

  10. I agree with the prior comment — this affects such a tiny fraction of people and the original article should have made this clear. If you cared enough about security to use FileVault I, then you would care enough to update it to FileVault II when the OS upgraded. FileVault II users are unaffected by this blunder. I am not defending Apple’s mistake but it does not deserve to be blown out of proportion by ZDNet.
